git » firstones » commit 2482339

github: Add govulncheck action

author Alberto Bertogli
2025-06-09 09:28:10 UTC
committer Alberto Bertogli
2025-06-09 09:28:10 UTC
parent e74a381220a61b6a83b02096f056915803b4b5a8

github: Add govulncheck action

This patch adds a govulncheck GitHub action that runs on every commit,
and also weekly.

.github/workflows/govulncheck.yaml +27 -0
.gitignore +1 -0

diff --git a/.github/workflows/govulncheck.yaml b/.github/workflows/govulncheck.yaml
new file mode 100644
index 0000000..65fcc0b
--- /dev/null
+++ b/.github/workflows/govulncheck.yaml
@@ -0,0 +1,27 @@
+name: "govulncheck"
+
+on:
+  push:
+    branches: [ "main", "next" ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ "main", "next" ]
+  schedule:
+    - cron: '29 02 * * 6'
+
+jobs:
+  govulncheck:
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+    name: Run govulncheck
+    steps:
+      - id: govulncheck
+        uses: golang/govulncheck-action@v1
+        with:
+          # Use the latest available Go version, and disable the cache
+          # (because it often interferes with finding it).
+          # This helps reduce false positives when there are security issues
+          # in the Go distribution itself.
+          go-version-input: 'stable'
+          check-latest: true
+          cache: false
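Review bot: The new workflow declares no `permissions:` block, so the job's GITHUB_TOKEN gets whatever default the repository or organisation sets, which may include write scopes, on push, pull_request and scheduled runs alike. As far as the hunk shows, the single step only needs to read the repository, so a top-level `permissions:` mapping with `contents: read` would hold the token to least privilege. Separately, `uses: golang/govulncheck-action@v1` follows a mutable tag; pinning it to the full commit SHA, written as `uses: golang/govulncheck-action@<full-commit-sha>  # v1` (placeholder, take the SHA from the release you reviewed), means a moved or compromised tag cannot change what runs here without a visible diff. The comment `because it often interferes with finding it` would also read more clearly if it said what "it" is, presumably the latest Go release.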
diff --git a/.gitignore b/.gitignore
index 50f3de5..f657ab6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
 .*
 !.gitignore
+!.github/
 firstones